Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(sidecar): ERC-2335 Keystore signer #287

Merged
merged 42 commits into from
Oct 14, 2024
Merged

feat(sidecar): ERC-2335 Keystore signer #287

merged 42 commits into from
Oct 14, 2024

Conversation

thedevbirb
Copy link
Contributor

@thedevbirb thedevbirb commented Oct 10, 2024
edited
Loading

Closes #283. This PR introduces support for running the sidecar by reading the private keys from ERC-2335 keystore files.

Such keystore are expected to be placed inside the keys folder of this project which reserved for this purpose only. While we could allow fetching them from a specified path, I like the idea of the sidecar not reading arbitrary folders of the users by mistake.

Some refactoring changes have been done as well:

  • All different signers have been moved to a signer folder
  • SignerBLS trait has been transformed into an enum because there's not a common trait for all type of signers
  • Config struct has been absorbed into Opts by squeezing Clap functionalities

Relies on chainbound/ethereum-package#17.

merklefruit
merklefruit requested changes Oct 10, 2024
View reviewed changes
Copy link
Collaborator

@merklefruit merklefruit left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The config refactor is very nice! Left some comments but overall great.

Wrt the signer, this is what I understand from the current flow with the Keystore:

  • sidecar is started with keystore CLI flags + validator-indexes flag
  • at each slot, we check if the proposer duties contain one of our validator indexes
  • if so, we try to find the pubkey from the keystore and sign the constraints with it

It would be cleaner to use the keystore as source of truth for which pubkeys we can use to sign messages in the first place, instead of going through validator_indexes.

In particular here's how I imagined it:

  • sidecar is started with keystore CLI flags
  • all pubkeys are loaded in memory when creating the keystore
  • at each slot, we check if the proposer duties contain on of our pubkeys
  • if so, simply sign it with that key

let me know your thoughts

bolt-sidecar/src/config/mod.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/config/mod.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/config/signing.rs Show resolved Hide resolved
bolt-sidecar/src/config/signing.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/config/signing.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/signer/keystore.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/signer/local.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/signer/mod.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/state/execution.rs Outdated Show resolved Hide resolved
bolt-sidecar/src/test_util.rs Outdated Show resolved Hide resolved
@merklefruit merklefruit added C: bolt-sidecar Component: bolt-sidecar T: feature Type: Feature labels Oct 10, 2024
@merklefruit merklefruit added this to the v0.3: Holesky 1 milestone Oct 10, 2024
@thedevbirb
Copy link
Contributor Author

The config refactor is very nice! Left some comments but overall great.

Wrt the signer, this is what I understand from the current flow with the Keystore:

  • sidecar is started with keystore CLI flags + validator-indexes flag
  • at each slot, we check if the proposer duties contain one of our validator indexes
  • if so, we try to find the pubkey from the keystore and sign the constraints with it

It would be cleaner to use the keystore as source of truth for which pubkeys we can use to sign messages in the first place, instead of going through validator_indexes.

In particular here's how I imagined it:

  • sidecar is started with keystore CLI flags
  • all pubkeys are loaded in memory when creating the keystore
  • at each slot, we check if the proposer duties contain on of our pubkeys
  • if so, simply sign it with that key

let me know your thoughts

Thanks for the great review! Yes the flow you described is indeed correct. You're right that in the context of the keystore signer the process of checking validator indexes is redundant. I have to think whether it's still needed for other type of signers though

@thedevbirb thedevbirb force-pushed the lore/feat/sidecar/keystore branch 3 times, most recently from 16730c7 to 5384ddf Compare October 10, 2024 15:46
@merklefruit merklefruit mentioned this pull request Oct 11, 2024
Closed
@thedevbirb
feat(sidecar): keys dir for ERC-2335 keystore
83f2dee
@thedevbirb
chore(sidecar): lighthouse dependencies for keystore
dffe0fa
@thedevbirb
chore(sidecar): custom Debug for SigningOpts with the keystore_passwo…
7fcfa88 
…rd field
@thedevbirb
chore(sidecar): readme in keys folder
c6f4535
@thedevbirb
chore(sidecar): keys folder readme
5421b48
@thedevbirb
feat(sidecar): keystore signer stub
b842800
@thedevbirb
refactor(sidecar): config struct
d71dfe1
@thedevbirb
chore(sidecar): lighthouse deps revision
44624ae
@thedevbirb
refactor(sidecar): move commit boost signer to signer folder
53ee181
@thedevbirb
refactor,feat(sidecar): SignerBLS is now Enum, sign with keystore wip
f93425f 
keystore update
@thedevbirb
fix(sidecar): imports, errors
4b71447
@thedevbirb
chore(sidecar): Signer -> LocalSigner
22b7a47
@thedevbirb
chore(sidecar): just fmt
c6d2f6f
@thedevbirb
chore(sidecar): Debug for SignerBLSEnum
aad480f
@thedevbirb
chore(sidecar): SignerBLSEnum -> SignerBLS
fa286d9
@merklefruit merklefruit mentioned this pull request Oct 11, 2024
Closed
@thedevbirb thedevbirb marked this pull request as ready for review October 14, 2024 08:53
@thedevbirb thedevbirb mentioned this pull request Oct 14, 2024
Closed
merklefruit
merklefruit reviewed Oct 14, 2024
View reviewed changes
bolt-sidecar/src/driver.rs
@@ -224,24 +248,41 @@ impl<C: StateFetcher, BLS: SignerBLS, ECDSA: SignerECDSA> SidecarDriver<C, BLS,
// parse the request into constraints and sign them
let slot = inclusion_request.slot;

let pubkey = match self.constraint_signer {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reminder: we're missing a check here. this pubkey is used to sign constraints but we don't know if it is authorized to do so. this can be added after we load delegation info in #290

merklefruit
merklefruit approved these changes Oct 14, 2024
View reviewed changes
Copy link
Collaborator

@merklefruit merklefruit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job!

@merklefruit merklefruit merged commit cd105ea into nico/devnet-fix Oct 14, 2024
3 checks passed
@merklefruit merklefruit deleted the lore/feat/sidecar/keystore branch October 14, 2024 10:58
@merklefruit merklefruit mentioned this pull request Oct 14, 2024
Merged
@thedevbirb thedevbirb mentioned this pull request Oct 14, 2024
Closed
@namn-grg namn-grg mentioned this pull request Oct 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@merklefruit merklefruit merklefruit approved these changes

Assignees
No one assigned
Labels
C: bolt-sidecar Component: bolt-sidecar T: feature Type: Feature
Projects
None yet
Milestone
v0.3: Holesky 1
Development

Successfully merging this pull request may close these issues.
2 participants
@thedevbirb @merklefruit